42997b1d47526cb5964fb01f30c93798_JaffaCakes118

General

Target

42997b1d47526cb5964fb01f30c93798_JaffaCakes118
Size

169KB
MD5

42997b1d47526cb5964fb01f30c93798
SHA1

c8b2562d7bf9c03046f6425325e56b2e9c740bf9
SHA256

39098821d83476c303a36cf9568806393dad20ab9aee9c2dbeab49d5bb66747b
SHA512

5677dd300c3d9c8bcec9a7225508dceab83a99873107f284b9d7159e2d98ceae6df3a09acf53b3faf9d6224c2b5b2f6f22766d950751b939bdd7f8688ee21640
SSDEEP

3072:y2TzuERB6eeEir8/GREAkbaVUMb+OeVzD9fDVrGOoPi65I4bSzA0o7nWj5:VTz9OeenMlnMUMb+3jGOGi6HSzARny

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42997b1d47526cb5964fb01f30c93798_JaffaCakes118

Files

42997b1d47526cb5964fb01f30c93798_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80a07a9bd744c6a3b09ff7893edecf79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

psapi

GetProcessMemoryInfo

ole32

CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc
CoRevokeClassObject
CoInitialize
CoRegisterClassObject
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
StringFromCLSID

shell32

SHGetFileInfoW

user32

CharUpperW
wsprintfW
PostThreadMessageW
TranslateMessage
KillTimer
SetTimer
GetWindowLongA
GetMessageW
DispatchMessageW
GetDC
CharNextW
UnregisterClassA

gdi32

GetTextMetricsW
GetOutlineTextMetricsW
CreateFontIndirectW
DeleteObject
SelectObject
AddFontResourceExW

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegDeleteValueW
RegSetValueExW

kernel32

FillConsoleOutputAttribute
lstrlenW
LockResource
CreateFileMappingW
WideCharToMultiByte
lstrcpyA
GetProcessWorkingSetSize
lstrcmpiW
GetLastError
GetTickCount
EnumResourceNamesW
GlobalAlloc
OutputDebugStringW
MultiByteToWideChar
FreeEnvironmentStringsW
GetCPInfo
GetACP
lstrcpyW
InitializeCriticalSection
FindClose
GlobalFree
GetModuleHandleW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80a07a9bd744c6a3b09ff7893edecf79

Headers

File Characteristics

Imports

psapi

ole32

shell32

user32

gdi32

advapi32

kernel32

oleacc

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 58KB - Virtual size: 58KB

.isete Size: 1024B - Virtual size: 248KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 58KB - Virtual size: 58KB

.isete
Size: 1024B - Virtual size: 248KB